The business has an insatiable appetite for data and insights. Even in the age of big data, the number one issue of business stakeholders and analysts is getting access to the data. If access is achieved, the next step is "wrangling" the data into a usable data set for analysis. The term "wrangling" itself creates a nervous twitch, unless you enjoy the rodeo. But, the goal of the business isn't to be an adrenalin junky. The goal is to get insight that helps them smartly navigate through increasingly complex business landscapes and customer interactions. Those that get this have introduced a softer term, "blending." Another term dreamed up by data vendor marketers to avoid the dreaded conversation of data integration and data governance.

The reality is that you can't market message your way out of the fundamental problem that big data is creating data swamps even in the best intentioned efforts. (This is the reality of big data's first principle of a schema-less data.) Data governance for big data is primarily relegated to cataloging data and its lineage which serve the data management team but creates a new kind of nightmare for analysts and data scientist - working with a card catalog that will rival the Library of Congress. Dropping a self-service business intelligence tool or advanced analytic solution doesn't solve the problem of familiarizing the analyst with the data. Analysts will still spend up to 80% of their time just trying to create the data set to draw insights.

Early this year a host of inquires were coming in about data quality challenges in CRM systems. This led to a number of joint inquires between myself and CRM expert Kate Legget, VP and Principal Analyst in our application development and delivery team. Seems that the expectations that CRM systems could provide a single trusted view of the customer was starting to hit a reality check. There is more to collecting customer data and activities, you need validation, cleansing, standardization, consolidation, enrichment and hierarchies. CRM applications only get you so far, even with more and more functionality being added to reduce duplicate records and enforce classifications and groups. So, what should companies do?

One of the biggest stumbling blocks is getting business resources to govern data. We've all heard it:

"I don't have time for this."

"Do you really need a full time person?"

"That really isn't my job."

"Isn't that an IT thing?"

"Can we just get a tool or hire a service company to fix the data?"

Let's face it, resources are the data governance killer even in the face of organizations trying to take on enterprise lead data governance efforts.

What we need to do is rethink the data governance bottlenecks and start with the guiding principle that data can only be governed when you have the right culture throughout the organization. The point being, you need accountability with those that actually know something about the data, how it is used, and who feels the most pain. That's not IT, that's not the data steward. It's the customer care representative, the sales executive, the claims processor, the assessor, the CFO, and we can go on. Not really the people you would normally include regularly in your data governance program. Heck, they are busy!

But, the path to sustainable effective data governance is data citizenship - where everyone is a data steward. So, we have to strike the right balance between automation, manual governance, and scale. This is even more important as out data and system ecosystems are exploding in size, sophistication, and speed. In the world of MDM and data quality vendors are looking specifically at how to get around these challenges. There are five (5) areas of innovation:

Spending time at the MDM/DG Summit in NYC this week demonstrated the wide spectrum of MDM implementations and stories out in the market. It certainly coincides with our upcoming MDM inquriry analysis where:

An IT mindset has dominated the way organizations view and manage their data. Even as issues of quality and consistency raise their ugly head, the solution has often been to turn to the tool and approach data governance in a project oriented manner. Sustainability has been a challenge, relegated often to IT managing and updating data management tools (MDM, data quality, metadata management, information lifecycle management, and security). Forrester research has shown that less than 15% of organizations have business lead data governance that is linked to business initiatives, objectives and outcomes. But, this is changing. More and more organizations are looking toward data governance as a strategic enterprise competence as they adopt a data driven culture.

This shift from project to strategic program requires more than basic workflow, collaboration, and data profiling capabilities to institutionalize data governance policies and rules. The conversation can't start with data management technology (MDM, data quality, information lifecycle management, security, and metadata management) that will apply the policies and rules. It has to begin with what is the organization trying to achieve with their data; this is a strategy discussion and process. The implication - governing data requires a rethink of your operating model. New roles, responsibilities, and processes emerge.

Coming back from the SAS Industry Analyst Event left me with one big question - Are we taking into account the recommendations or insights provided through analysis and see if they actually produced positive or negative results?

It's a big question for data governance that I'm not hearing discussed around the table. We often emphsize how data is supplied, but how it performs in it's consumed state is fogotten.

When leading business intelligence and analytics teams I always pushed to create reports and analysis that ultimately incented action. What you know should influence behavior and decisions, even if the influence was to say, "Don't change, keep up the good work!" This should be a fundamental function of data govenance. We need to care not only that the data is in the right form factor but also review what the data tells us/or how we interpret the data and did it make us better?

I've talked about the closed-loop from a master data management perspective - what you learn about customers will alter and enrich the customer master. The connection to data governance is pretty clear in this case. However, we shouldn't stop at raw data and master definitions. Our attention needs to include the data business users receive and if it is trusted and accurate. This goes back to the fact that how the business defines data is more than what exists in a database or application. Data is a total, a percentage, an index. This derived data is what the business expects to govern - and if derived data isn't supporting business objectives, that has to be incorporated into the data governance discussion.

The last Forrester Wave for MDM was released in 2008 and focused on the Customer Hub. Well, things have certainly changed since then. Organizations need enterprise scale to break down data silos. Data Governance is quickly becoming part of an organization's operating model. And, don't forget, the big elephant in the room, Big Data.

From 2008 to now there have been multiple analyst firm evaluations of MDM vendors. Vendors come, go or are acquired. But, the leaders are almost always the same. We also see inquiries and implementations tracking to the leaders. Our market overview report helped to identify the distinct segments of MDM vendors and found that MDM leaders were going big, leveraging a strategic perspective of data management, a suite of products, and pushing to support and create modern data management environments. What needed to be addressed, how do you make a decision between these vendors?

The Forrester Wave for the Multi-Platform MDM market segment gets to the heart of this question by pushing top vendors to differentiate amongst themselves and evaluating them at the highest levels of MDM strategy. There were things we learned that surprised us as well as where the line was drawn between marketing messaging and positioning and real capabilities. This was done by positioning the Wave process the way our clients would evaluate vendors, rigorously questioning and fact checking responses and demos.

Outside of Tempe is a place called Sahuarita, Arizona. Sahuarita is the home of Air Force Silo #571-7 where a Titan missile, that was part of the US missile defense system and had a nine-megaton warhead that was at the ready for 25 years, should the United States need to retaliate against a Soviet nuclear attack. This missile could create a fireball two miles wide, contaminate everything within 900 square miles, hit its target in 35 minutes, and nothing in the current US nuclear arsenal comes close to its power. What kept it secure for 25 years? You guessed it...four phones, two doors, a scrap of paper, and a lighter.

Photo Credit: Renee Murphy

Technology has grown by leaps and bounds since the cold war. When these siloes went into service, a crew supplied by the Air Force manned them. These men and women were responsible for ensuring the security and availability of the missile. Because there was no voice recognition, retinal scanning, biometric readers, and hard or soft tokens, the controls that were in place were almost entirely physical controls. All of the technology that we think of as keeping our data and data centers secure hadn’t been developed yet. It is important to note that there was never a breach. Ever.

It might be an occupational hazard, but I can relate almost anything to security and risk management, and my visit to the Titan Missile Museum at AF Silo #571-7 was no exception. The lesson I took from my visit: there's room for manual controls in security and risk management.

I had the opportunity to speak and participate in a panel on data governance as it pertained to big data. My presentation was based on recently completed research sponsored by IBM to understand, what does data governance look like by firms embarking/executing on big data? The overarching theme was that data governance is about protect and serve. Manage security and privacy while delivering trusted data.

Yet, when you look at data governance and what it means to the data practice, not the technology, protect and serve is also a credo. In business terms it represents:

Protect the reputation and mitigate risk associated with inappropriate use or dirty data.

Serve information needs of the business to have information fast and stay agile to market conditions.

There are multiple maturity models and associated assessments for Data Governance on the market. Some are from software vendors, or from consulting companies, which use these as the basis for selling services. Others are from professional groups like the one from the Data Governance Council.

They are all good – but frankly not adequate for the data economy many companies are entering into. I think it is useful to reshuffle some too well established ideas...

Maturity models in general are attractive because:

- Using a maturity model is nearly a ‘no-brainer’ exercise. You run an assessment and determine your current maturity level. Then you can make a list of the actions which will drive you to the next level. You do not need to ask your business for advice, nor involve too many people for interviews.

- Most data governance maturity models are modeled on the very well known CMMI. That means that they are similar at least in terms of structure/levels. So the debate between the advantages of one vs another is limited to its level of detail.

But as firms move into the data economy – with what this means for their sourcing, analyzing and leveraging data, I think that today’s maturity models for data governance are becoming less relevant – and even an impediment: